On Fri, Mar 23, 2018 at 08:27:11PM +0000, Brian wrote:
Having authenticated to get on the network it is superfluous to ask for
further authentication to send mail (or browse the web), wouldn't you
say?
No, because:
1) it's quicker and easier to address spam issues if there is a client
login associated with each email. It's possible to correlate network
logins with email activity, but especially since the people running
email are typically not the people running the network, it's harder.
2) they want the same configuration on your laptop to work whether
you're at home or at starbucks.
3) now that email headers are often signed, you really want some kind of
authentication that the person claiming to be the sender is actually the
sender before you put on a cryptographic signature confirming that they
are. If you only authenticate based on IP, any ISP user can claim to be
any other ISP user.
Mike Stone
